Google 'Bouncer' Now Scanning Android Market for Malware

Google on Thursday added a new layer of security to the Android Market, dubbed Bouncer, that will scan apps for evidence of malware.

Google on Thursday added a new layer of security to the Android Market, dubbed Bouncer, that will scan apps for evidence of malware.

The effort will automatically scan new and existing apps as well as developer accounts, "without disrupting the user experience of Android Market or requiring developers to go through an application approval process," said Google's vice president of engineering, Hiroshi Lockheimer, in a nod to Apple's App Store process.

"Here's how it works: once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans," Lockheimer wrote in a blog post. "It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags."

Google said it runs every app in its cloud infrastructure to simulate how it might work on an Android device to look for anything fishy. Developer accounts are also scrutinized to guard against banned individuals making a reappearance.

Android malware was big news in 2011. Unlike Apple, Google does not have a strict approval process in place for its Android Market, and while that might make for a more open environment, it also makes the store vulnerable to some dangerous apps.

"We've chosen not to be the gatekeeper," Alan Davidson, now former director of public policy at Google, said during a May hearing on location tracking. "We don't generally go back and try to make sure that every app does what it says it's going to do. [Google is] really trying to maximize the ability of small app developers to get online."

According to data from Juniper Networks, malware in the Android Market jumped 472 percent between July and November 2011. Google said today, however, that it saw a 40 percent decline in the number of potentially malicious downloads on the Android Market between the first and second halves of 2011.

"This drop occurred at the same time that companies who market and sell anti-malware and security software have been reporting that malicious applications are on the rise," Lockheimer wrote. "We know the rate is declining significantly."

After announcing the discovery of the most widespread piece of Android malware, Android.Counterclank, Symantec today retracted its claim to align with rival Lookout's more muted assessment.

Chloe Albanesius has been with PCMag.com since April 2007, most recently as Executive Editor for News and Features. Prior to that, she worked for a year covering financial IT on Wall Street for Incisive Media. From 2002 to 2005, Chloe covered technology policy for The National Journal's Technology Daily in Washington, DC. She has held internships at NBC's Meet the Press, washingtonpost.com, the Tate Gallery press office in London, Roll Call, and Congressional Quarterly. She graduated with a bachelor's degree in journalism from American University...
More »